package com.leyou.gateway.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

//跨域请求设置
@Configuration
public class GlobalCorsConfig {

    @Bean
    public CorsFilter corsFilter(){
    //    1.添加CORS配置信息
        CorsConfiguration corsConfiguration = new CorsConfiguration();
    //    允许的域，不要写*（代表匹配所有域），否则cookie无法使用
        corsConfiguration.addAllowedOrigin("http://manage.leyou.com");
        corsConfiguration.addAllowedOrigin("http://www.leyou.com");
    //    是否发送cookie信息
        corsConfiguration.setAllowCredentials(true);
    //    允许的请求方式
        corsConfiguration.addAllowedMethod("OPTIONS");
        corsConfiguration.addAllowedMethod("HEAD");
        corsConfiguration.addAllowedMethod("GET");
        corsConfiguration.addAllowedMethod("PUT");
        corsConfiguration.addAllowedMethod("POST");
        corsConfiguration.addAllowedMethod("DELETE");
        corsConfiguration.addAllowedMethod("PATCH");
    //    允许的头信息
        corsConfiguration.addAllowedHeader("*");
    //    预检请求有效期
        corsConfiguration.setMaxAge(3600L);
    //    添加映射路径，我们拦截一切请求
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**",corsConfiguration);

    //    返回新的CorsFilter
        return new CorsFilter(urlBasedCorsConfigurationSource);
    }
}
